From a77528690b769a5d11fab4a4abaa8b562dab4b39 Mon Sep 17 00:00:00 2001 From: Guilherme Cassolato Date: Tue, 21 Mar 2023 17:59:10 +0100 Subject: [PATCH] Fix example 1 so it's clear the HTTPRouteMatch does not have to entirely stated within the trigger matches, but only a portion of it will do (if that portion is enough to scope the limit) --- rfcs/0000-rlp-v2.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/rfcs/0000-rlp-v2.md b/rfcs/0000-rlp-v2.md index 00a5e063..49f01f9c 100644 --- a/rfcs/0000-rlp-v2.md +++ b/rfcs/0000-rlp-v2.md @@ -164,7 +164,7 @@ spec: In this example, a distinct limit will be associated ("bound") to each individual HTTPRouteRule of the targeted HTTPRoute, by using the `triggers` field for selecting (or "sub-targeting") the HTTPRouteRule. The following limit definitions will be bound to each HTTPRouteRule: -- `GET|POST /toys*` → 50rpm, enforced per username (counter qualifier) and only in case the user is not an admin ("soft" condition). +- `/toys*` → 50rpm, enforced per username (counter qualifier) and only in case the user is not an admin ("soft" condition). - `/assets/*` → 5rpm / 100rp12h Each set of trigger matches in the RLP will be matched to **all** HTTPRouteRules whose HTTPRouteMatches is a superset of the set of trigger matches in the RLP. For every HTTPRouteRule matched, the HTTPRouteRule will be bound to the corresponding limit definition that specifies that trigger. In case no HTTPRouteRule is found containing at least one HTTPRouteMatch that is identical to some set of matching rules of a particular limit definition, the limit definition is considered invalid and reported as such in the status of RLP. @@ -193,11 +193,6 @@ spec: - path: type: PathPrefix value: "/toys" - method: GET - - path: - type: PathPrefix - value: "/toys" - method: POST when: - selector: auth.identity.group operator: neq